Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent malicious users to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu glibc |
||
debian debian linux 7.0 |